VIRUS ALERT 'You need to get a parcel Order'
If you receive the following e-mail, it is fraudulent, and the attachment contains a virus. This e-mail WAS NOT sent from FedEx.
How to tell:
1) What is the originating address? In this case, the address was spoofed to appear to be FedEx, so the message would be opened by many people unaware.
2) Are there spelling and grammar mistakes? The message below contained only one misspelling.
3) Is there a .zip attachment? This always makes the message suspect. Do not easily open .zip attachments.
4) If you go all the way to opening the .zip file, you should see an executable file inside. Its filename may be similar to FedEx_Invoice _Copy_N12-3464.exe. DO NOT open (by double-clicking) any .exe files from e-mail attachments.
5) The "from" address is easy to be spoofed. When you receive a suspect e-mail, inspect its header. Research elsewhere on how to interpret e-mail headers.
If you receive a suspect e-mail which appears to be from FedEx, call their support, and forward the message to ABUSE AT FEDEX DOT COM.
HEADER:
x-store-info:4r51+eLowCe79NzwdU2kR3P+ctWZsO+J
Authentication-Results: hotmail.com; sender-id=temperror (sender IP is 128.121.78.220) header.from=day-definite@fedex.com; dkim=none header.d=fedex.com; x-hmca=none
X-Message-Status: n:0:n
X-SID-PRA: FedEx Support <day-definite@fedex.com>
X-DKIM-Result: None
X-AUTH-Result: NONE
X-Message-Delivery: Vj0xLjE7dXM9MDtsPTA7YT0wO0Q9MjtHRD0yO1NDTD00
X-Message-Info: 11chDOWqoTl0ixkxgMSCpVX90CdQX/xNWe0E8I6KYkxvJf9POiswxSvcE/xSbMor477YOAxGVbdKKV3gigUjenjjzAfKd9ejd3/HtG+lNTAwrKv00lyiyK8dMMDKuHzk
Received: from canserver.com ([128.121.78.220]) by SNT0-MC1-F12.Snt0.hotmail.com with Microsoft SMTPSVC(6.0.3790.4900);
Mon, 12 Mar 2012 07:38:56 -0700
Received: from canserver.com (localhost [127.0.0.1])
by canserver.com (8.13.6.20060614/8.13.6) with ESMTP id q2CEcuBr015751
for <>; Mon, 12 Mar 2012 07:38:56 -0700 (PDT)
Received: (from www@localhost)
by canserver.com (8.13.6.20060614/8.13.6/Submit) id q2CEcu6V015748;
Mon, 12 Mar 2012 07:38:56 -0700 (PDT)
Date: Mon, 12 Mar 2012 07:38:56 -0700 (PDT)
Message-Id: <201203121438.q2CEcu6V015748@canserver.com>
To:
Subject: You need to get a parcel Order 9723
From: "FedEx Support" <day-definite@fedex.com>
X-Mailer: HiveMail1.2.1
Reply-To: "FedEx Support" <day-definite@fedex.com>
Mime-Version: 1.0
Content-Type: multipart/mixed;boundary="----------13315631364F5E0A8002865"
Return-Path: www@canserver.com
X-OriginalArrivalTime: 12 Mar 2012 14:38:56.0835 (UTC) FILETIME=[DAEA2930:01CD005D]
------------13315631364F5E0A8002865
Content-Type: text/html;
Content-Transfer-Encoding: 8bit
FedEx notification, <BR>
<BR>
The delivery service couldn’t deliver your package. <BR>
The package weight exceeds the allowable free-delivery limit. <BR>
<BR>
You have to receive your packagen personally. <BR>
Print out the "Invoice Copy" attached and collect the package at our office.<BR>
<BR>
Please read carefully the attached information before receiving your package. <BR>
<BR>
Thank you.
FedEx Global Services. <BR>
------------13315631364F5E0A8002865
Content-Type: application/octet-stream;name="FedEx_Invoice _Copy_N12-3464.zip"
Content-Transfer-Encoding: base64
Content-Disposition: attachment;filename="FedEx_Invoice _Copy_N12-3464.zip"
MESSAGE:
SUBJECT:
You need to get a parcel Order 9723
ATTACHMENT:
FedEx_Invoice _Copy_N12-3464.zip
BODY:
FedEx notification,
The delivery service couldn't deliver your package.
The package weight exceeds the allowable free-delivery limit.
You have to receive your packagen personally.
Print out the "Invoice Copy" attached and collect the package at our office.
Please read carefully the attached information before receiving your package.
Thank you. FedEx Global Services.
˅˅˅ Additional valuable information is available at one of the links below: ˅˅˅
Did you like the article? Let Google Search know by clicking this button:
Page last modified 20-Aug-12 21:58:46 EDT
Previous page: Free online data storage
Next page: Our way of reinventing the wheel
. 